1 // ========================================================================
2 // Copyright (c) 2008-2009 Mort Bay Consulting Pty. Ltd.
3 // ------------------------------------------------------------------------
4 // All rights reserved. This program and the accompanying materials
5 // are made available under the terms of the Eclipse Public License v1.0
6 // and Apache License v2.0 which accompanies this distribution.
7 // The Eclipse Public License is available at
8 // http://www.eclipse.org/legal/epl-v10.html
9 // The Apache License v2.0 is available at
10 // http://www.opensource.org/licenses/apache2.0.php
11 // You may elect to redistribute this code under either of these licenses.
12 // ========================================================================
13
14 package org.eclipse.jetty.server;
15
16 import javax.servlet.ServletRequest;
17 import javax.servlet.ServletResponse;
18 import javax.servlet.http.HttpServletRequest;
19 import javax.servlet.http.HttpServletResponse;
20
21
22 /* ------------------------------------------------------------ */
23 /** The Authentication state of a request.
24 * <p>
25 * The Authentication state can be one of several sub-types that
26 * reflects where the request is in the many different authentication
27 * cycles. Authentication might not yet be checked or it might be checked
28 * and failed, checked and deferred or succeeded.
29 *
30 */
31 public interface Authentication
32 {
33 /* ------------------------------------------------------------ */
34 /** A successful Authentication with User information.
35 */
36 public interface User extends Authentication
37 {
38 String getAuthMethod();
39 UserIdentity getUserIdentity();
40 boolean isUserInRole(UserIdentity.Scope scope,String role);
41 void logout();
42 }
43
44 /* ------------------------------------------------------------ */
45 /** A wrapped authentication with methods provide the
46 * wrapped request/response for use by the application
47 */
48 public interface Wrapped extends Authentication
49 {
50 HttpServletRequest getHttpServletRequest();
51 HttpServletResponse getHttpServletResponse();
52 }
53
54 /* ------------------------------------------------------------ */
55 /** A deferred authentication with methods to progress
56 * the authentication process.
57 */
58 public interface Deferred extends Authentication
59 {
60 /* ------------------------------------------------------------ */
61 /** Authenticate if possible without sending a challenge.
62 * This is used to check credentials that have been sent for
63 * non-manditory authentication.
64 * @return The new Authentication state.
65 */
66 Authentication authenticate(ServletRequest request);
67
68 /* ------------------------------------------------------------ */
69 /** Authenticate and possibly send a challenge.
70 * This is used to initiate authentication for previously
71 * non-manditory authentication.
72 * @return The new Authentication state.
73 */
74 Authentication authenticate(ServletRequest request,ServletResponse response);
75
76
77 /* ------------------------------------------------------------ */
78 /** Login with the LOGIN authenticator
79 * @param username
80 * @param password
81 * @return The new Authentication state
82 */
83 Authentication login(String username,String password);
84 }
85
86
87 /* ------------------------------------------------------------ */
88 /** Authentication Response sent state.
89 * Responses are sent by authenticators either to issue an
90 * authentication challenge or on successful authentication in
91 * order to redirect the user to the original URL.
92 */
93 public interface ResponseSent extends Authentication
94 {
95 }
96
97 /* ------------------------------------------------------------ */
98 /** An Authentication Challenge has been sent.
99 */
100 public interface Challenge extends ResponseSent
101 {
102 }
103
104 /* ------------------------------------------------------------ */
105 /** An Authentication Failure has been sent.
106 */
107 public interface Failure extends ResponseSent
108 {
109 }
110
111 public interface SendSuccess extends ResponseSent
112 {
113 }
114
115 /* ------------------------------------------------------------ */
116 /** Unauthenticated state.
117 * <p>
118 * This convenience instance is for non mandatory authentication where credentials
119 * have been presented and checked, but failed authentication.
120 */
121 public final static Authentication UNAUTHENTICATED = new Authentication(){@Override
122 public String toString(){return "UNAUTHENTICATED";}};
123
124 /* ------------------------------------------------------------ */
125 /** Authentication not checked
126 * <p>
127 * This convenience instance us for non mandatory authentication when no
128 * credentials are present to be checked.
129 */
130 public final static Authentication NOT_CHECKED = new Authentication(){@Override
131 public String toString(){return "NOT CHECKED";}};
132
133 /* ------------------------------------------------------------ */
134 /** Authentication challenge sent.
135 * <p>
136 * This convenience instance is for when an authentication challenge has been sent.
137 */
138 public final static Authentication SEND_CONTINUE = new Authentication.Challenge(){@Override
139 public String toString(){return "CHALLENGE";}};
140
141 /* ------------------------------------------------------------ */
142 /** Authentication failure sent.
143 * <p>
144 * This convenience instance is for when an authentication failure has been sent.
145 */
146 public final static Authentication SEND_FAILURE = new Authentication.Failure(){@Override
147 public String toString(){return "FAILURE";}};
148 public final static Authentication SEND_SUCCESS = new SendSuccess(){@Override
149 public String toString(){return "SEND_SUCCESS";}};
150 }